NVIDIA GPU and Tegra hardware contain a vulnerability in the internal microcontroller, which may allow a user with elevated privileges to instantiate a DMA write operation only within a specific time window timed to corrupt code execution, which may impact confidentiality, integrity, or availability. The scope impact may extend to other components.
Attack Vector Local
Attack Complexity High
Privileges Required High
Scope Changed
Confidentiality Impact High
Integrity Impact High
Availability Impact High
User Interaction None
No CVSS v3.0
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
AV:L/AC:M/Au:N/C:C/I:C/A:C
Vendors | Products |
---|---|
Nvidia |
|
Linux |
|
Microsoft |
|
Configuration 1 [-]
AND |
|
References
Link | Resource |
---|---|
https://nvidia.custhelp.com/app/answers/detail/a_id/5263 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: nvidia
Published: 2021-11-20T14:55:23
Updated: 2022-02-08T18:36:12
Reserved: 2021-02-09T00:00:00
Link: CVE-2021-23217
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-11-20T15:15:07.890
Modified: 2022-02-24T19:13:48.060
Link: CVE-2021-23217
JSON object: View
Redhat Information
No data.
CWE